Home Black Hat Deep Tech Essays Fireside Chat My Take News Alerts Q&A RSAC Videocasts About Contact
 

Q & A

 

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

By Byron V. Acohido

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors.

Related: The ‘cyber’ case for D&O insurance

Vanessa Pegueros knows this all too well. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance.

I recently attended an IoActive-sponsored event in Seattle at which Pegueros gave a presentation titled: “Merging Cybersecurity, the Board & Executive Team”

Pegueros shed light on the land mines that enshroud cybersecurity presentations made at the board level. She noted that most board members are non-technical, especially when it comes to the intricate nuances of cybersecurity, and that their decision-making is primarily driven by concerns about revenue and costs.

Thus, presenting a sky-is-falling scenario to justify a fatter security budget, “does not resonate at the board level,” she said in her talk. “Board members must be very optimistic; they have to believe in the vision for the company. And to some extent, they don’t always deal with the reality of what the situation really is.

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

By Byron V. Acohido

The technology and best practices for treating cybersecurity as a business enabler, instead of an onerous cost-center, have long been readily available.

Related: Data privacy vs data security

However, this remains a novel concept at most companies. Now comes a Forrester Research report that vividly highlights why attaining and sustaining a robust cybersecurity posture translates into a competitive edge.

The report, titled “Embed Cybersecurity And Privacy Everywhere To Secure Your Brand And Business,” argues for a paradigm shift. It’s logical that robust cybersecurity and privacy practices need become intrinsic in order to tap the full potential of massively interconnected, highly interoperable digital systems.

Forrester’s report lays out a roadmap for CIOs, CISOs and privacy directors to drive this transformation – by weaving informed privacy and security practices into every facet of their business; this runs the gamut from physical and information assets to customer experiences and investment strategies.

Last Watchdog engaged Forrester analyst Heidi Shey, the report’s lead author, in a discussion about how this could play out well, and contribute to an overall greater good. Here’s that exchange, edited for clarity and length.

Author Q&A: Here’s why the good guys must continually test the limitations of ‘EDR’

By Byron V. Acohido

A new tier of overlapping, interoperable, highly automated security platforms must, over the next decade, replace the legacy, on-premise systems that enterprises spent multiple kings’ fortunes building up over the past 25 years.

Related: How ‘XDR’ defeats silos

Now along comes a new book, Evading EDR: The Definitive Guide for Defeating Endpoint Detection Systems, by a red team expert, Matt Hand, that drills down a premier legacy security system that is in the midst of this transition: endpoint detection and response, EDR.

Emerging from traditional antivirus and endpoint protection platforms, EDR rose to the fore in the mid-2010s to improve upon the continuous monitoring of servers, desktops, laptops and mobile devices and put security teams in a better position to mitigate advanced threats, such as APTs and zero-day vulnerabilities.

Today, EDR is relied upon to detect and respond to phishing, account takeovers, BEC attacks, business logic hacks, ransomware campaigns and DDoS bombardments across an organization’s environment. It’s a key tool that security teams rely upon to read the tea leaves and

SHARED INTEL Q&A: Everything the Cisco-Splunk merger tells us about the rise of SIEMs

By Byron V. Acohido

Cisco’s recent move to acquire SIEM stalwart Splunk for a cool $28 billion aligns with the rising urgency among companies in all sectors to better protect data — even as cyber threats intensify and disruptive advancements in AI add a wild card to this challenge.

Related: Will Cisco flub Splunk?

Cisco CEO Chuck Robbins hopes to boost the resiliency the network switching giant’s growing portfolio of security services. Of course, it certainly doesn’t hurt that Cisco now gets to revenue from Splunk customers like Coca-Cola, Intel, and Porsche.

Last Watchdog engaged Gurucul CEO Saryu K. Nayyar in a discussion about the wider implications of this deal. Gurucul is known for its innovations in User and Entity Behavior Analytics (UEBA) as well as

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

By Erin Kapcynski

Editor’s note: I recently had the chance to participate in a discussion about the overall state of privacy and cybersecurity with Erin Kapczynski, OneRep’s senior vice president of B2B marketing. OneRep provides a consumer service that scrubs your personal information from Google and dozens of privacy-breaching websites. Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.)

For the first expert interview on our blog, we welcomed Pulitzer-winning investigative reporter Byron V. Acohido to share his ideas about the current cyber threat landscape, the biggest threats for businesses today, the role of AI and machine learning in cyberattacks and cyberdefence, and the most effective methods for companies to protect themselves.

Byron is the founder and editor-in-chief of The Last Watchdog on Privacy & Security. He previously chronicled the emergence of cybercrime while covering Microsoft for USA TODAY. His news analysis columns, podcasts, and videos are crafted to foster a useful understanding of complex privacy and cybersecurity developments for

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

By Byron V. Acohido

Something simply must be done to slow, and ultimately reverse, attack surface expansion.

Related: What Cisco’s buyout of Splunk really signals

We’re in the midst of driving towards a dramatically scaled-up and increasingly connected digital ecosystem. Companies are obsessed with leveraging cloud-hosted IT infrastructure and the speedy software development and deployment that goes along with that.

And yet it remains all too easy for malicious hackers to get deep access, steal data, spread ransomware, disrupt infrastructure and attain long run unauthorized access.

I heard a cogent assessment of the shift that must take at the Omdia Analyst Summit at Black Hat USA 2023. In a keynote address, Omdia’s Eric Parizo, managing prinicipal analyst, and Andrew Braunberg, principal analyst, unveiled an

Breaking News Q&A: What Cisco’s $28 billion buyout of Splunk foretells about cybersecurity

By Byron V. Acohido

There’s a tiny bit more to Cisco’s acquisition of Splunk than just a lumbering hardware giant striving to secure a firmer foothold in the software business.

Related: Why ‘observability’ is rising to the fore

Cisco CEO Chuck Robbins has laid down a $28 billion bet that he’ll be able to overcome challenges Cisco is facing as its networking equipment business slows, beset by supply chain issues and reduced demand, post Covid 19.

As a leading supplier of advanced security information and event management (SIEM) technology, Splunk happens to find itself in the thick of a tectonic shift. Network security is getting reconstituted. A new tier of overlapping, interoperable, highly automated security platforms is rapidly taking shape. In this milieu, SIEM systems have emerged as the telemetry ingestion engine, of choice, to help companies figure out how to effectively monitor — and securely manage —  hyper-connected software.

Last Watchdog engaged Forrester Principal Analyst Allie Mellen in a discussion about the cybersecurity angle